Re: [TLS] I-D Action: draft-ietf-tls-certificate-compression-02.txt

Alessandro Ghedini <alessandro@ghedini.me> Thu, 08 February 2018 21:43 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/-WoFtGCqyGSDcXMHQkWcxoQr8Rk>

On Wed, Jan 31, 2018 at 03:41:34PM -0600, Benjamin Kaduk wrote:
> On 01/30/2018 04:02 PM, Victor Vasiliev wrote:
> >     I also wondered whether there was any sense in reserving codepoint 0 (of
> >     CertificateCompressionAlgorithm) for "uncompressed".  I guess not, since
> >     support for uncompressed certificates is implicit by means of not using
> >     the extension.  But sometimes keeping value 0 (basically) reserved is
> >     still useful.
> >
> >
> > I've considered that, but decided that this would just introduce two ways to do
> > the same thing (send certificate uncompressed), so I decided against it.
> 
> Sure.  I don't see a reason to add a code point for uncompressed, but
> maybe there is an aesthetic argument for leaving 0 reserved entirely. 
> But I definitely do not insist on anything.

Yeah, makes sense to keep 0 reserved. I made a PR for this:
https://github.com/tlswg/certificate-compression/pull/12

and looks like Victor already merged it.

Cheers